-
Notifications
You must be signed in to change notification settings - Fork 11
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CCMv4 in OSCAL Format #56
Comments
We fully agree with the goal. Where we needed to ref the CCMv4 controls we added them to our own yaml file - which was a bit of a hack. Our understanding is the CCMv4 group will publish a full set. @apannetrat might have timeline info. |
All good! Again, if you want assistance with the review or any challenges in preparing and releasing the catalog, feel free to let us know. We want to support community adoption when we can reasonably pitch in, @pritikin and @apannetrat. |
@pritikin @apannetrat OSCAL rules could be a good use case for continuous audit metrics. @aj-stein-nist can provide more info if you have any questions after reading the doc. |
@apannetrat any update on this? |
Hello, I hope this is a good place to report this. Given the emergence of useful continuous audit metrics like these, and their relationship to CCMv4 controls, is there any work on the roadmap (for this project team or more generally in CSA) to release a draft or finalized copy of the CCMv4 controls in OSCAL data formats (one or all of OSCAL JSON, XML, or YAML)?
The NIST OSCAL Team would be willing to help where we can to assist this effort, where we can, to move forward this effort. Please reach out to via Gitter, email at [email protected], or any other medium we recommend on our website. Thanks!
The text was updated successfully, but these errors were encountered: